Post on 21-Aug-2018
FIIF JAM SESSION focusing on Industrial Internet cyber safety issues
22 September 2015
”Cyber Security Testing”
Pasi Ahonen, Senior Scientist, KYBER-TEO Project Manager
VTT Technical Research Centre of Finland
ULTIMATE GOAL: To integrate Automated Cyber Security Testing into the IoT application designer’s daily tools!
21/09/2015
Cyber Security ”War Room”
What is the War Room?
• Includes a mini-Internet environment that is completely isolated from all other telecommunications
• Devices or software can be subjected to highly realistic cyber-attacks in a controlled way
• Wide range of attacks can be tried to test the performance of various systems
• Personnel of over 30 researchers with extensive experience and knowhow on cyber security
• Equipped with cutting edge technologies and devices
War Room enables
• Conducting of attacks aimed at seizing systems, implementation of typical hacker attack strategies and botnet attacks
• Identification of cyber attacks, threats and vulnerabilities
• Monitoring effective attacks and developing tools for cyber situational awareness
• In-depth cyber analyses from network traffic log information
• Security testing of products and services
• SW security auditing
Case concepts
• Target is to find vulnerabilities and design bugs in the customer’s systems or devices under test
• Customer brings the device, software or system to be tested
• War Room facility can be used for testing
• Confidential reporting to customer
Hacking concepts
• Hacking: Utilising vulnerabilities and bypassing security control systems, then using the system or application against its original purpose.
• Ethical hacker, ”White hat”: Basically the same methods as criminals, but they have permission for their activities, and findings are not used for criminal purposes.
Examples of the tools
• Commercial:
  - Codenomicon Defensics TCF
  - Nessus
  - Metasploit
  - .NET Reflector
• Open source:
  - CrypTools
  - IDA Free
  - scapy
  - Burp Suite
  - OWASP ZAP
  - Maltego
  - Nikto
  - Hydra
  - sslyze
  - Armitage
  - stompy
  - radamsa
  - nmap
  - Wireshark
  - Jack the Ripper
  - Valgrind
  - !Exploitable
  - Xplico
  - Bro NSM
  - Snort
Tools depend on the customer case
Security testing concepts – per target

| Network | User device | Application |
| Information collection | Malware | Authentication |
| Listening | Vulnerabilities | Configuration control |
| Password attacks | Execute unauthorised code | Overflow |
| Service blocking attack | Service blocking attack | Service blocking attack |
| Man-in-the-middle | Upgrade of user rights | Cryptography |
| ARP-Poisoning | Illegal access | Input validation |
Certified Ethical Hacking
CEHv8 Module Footprinting and Reconnaissance
CEHv8 Module Scanning Networks
CEHv8 Module Enumeration
CEHv8 Module System Hacking
CEHv8 Module Trojans and Backdoors
CEHv8 Module Viruses and Worms
CEHv8 Module Sniffing
CEHv8 Module Social Engineering
CEHv8 Module Denial of Service
CEHv8 Module Session Hijacking
CEHv8 Module Hacking Webservers
CEHv8 Module Hacking Web Applications
CEHv8 Module SQL Injection
CEHv8 Module Hacking Wireless Networks
CEHv8 Module Hacking Mobile Platforms
CEHv8 Module Evading IDS, Firewalls, and Honeypots
CEHv8 Module Buffer Overflow
CEHv8 Module Cryptography
CEHv8 Module Penetration Testing
Learning, ethically…
A Challenge for all of us
We are searching for new IoT test targets:
• IoT platforms
• IoT applications
• IoT devices
Any volunteers, today? ;-)